Malicious software (“malware”) refers to software programs that perform unwanted functions on a system. Examples of malware include computer viruses, worms, Trojans, spyware, keyloggers, and the like. Currently, the detection of malware is primarily performed using two known methods. One method is a signature-based approach, which detects binary digital bit streams or patterns in the binary object code of malware based on a list of binary strings that are found in known malware programs. Another method is a rule-based or heuristic approach, which detects malware programs based on behaviors that are shared by malware programs of a given class. These methods, however, have their downsides. If the behavior patterns are too narrowly defined, some malware programs may not be detected, which results in compromising the system. If the rules are too broadly defined, non-harmful programs may be mistaken for malware programs, which results in false alarms and potentially corrective action that is mistakenly applied.